Send audit logs and charmed mongodb logs to

syslog to support CoS integration

lib/charms/mongodb/v1/helpers.py

@@ -45,11 +45,19 @@
 
 DATA_DIR = "/var/lib/mongodb"
 LOG_DIR = "/var/log/mongodb"
+LOG_TO_SYSLOG = True
 CONF_DIR = "/etc/mongod"
 MONGODB_LOG_FILENAME = "mongodb.log"
 logger = logging.getLogger(__name__)
 
 
+def _get_logging_options(snap_install: bool) -> str:
+    # TODO sending logs to syslog until we have a separate mount point for logs
+    if LOG_TO_SYSLOG:
+        return ""
+    return f"--logpath={LOG_DIR}/{MONGODB_LOG_FILENAME}" if snap_install else ""
+
+
 # noinspection GrazieInspection
 def get_create_user_cmd(config: MongoDBConfiguration, mongo_path=MONGO_SHELL) -> List[str]:
     """Creates initial admin user for MongoDB.
@@ -131,10 +139,9 @@ def get_mongod_args(
     """
     full_data_dir = f"{MONGODB_COMMON_DIR}{DATA_DIR}" if snap_install else DATA_DIR
     full_conf_dir = f"{MONGODB_SNAP_DATA_DIR}{CONF_DIR}" if snap_install else CONF_DIR
-    full_log_dir = f"{MONGODB_COMMON_DIR}{LOG_DIR}" if snap_install else LOG_DIR
     # in k8s the default logging options that are used for the vm charm are ignored and logs are
     # the output of the container. To enable logging to a file it must be set explicitly
-    logging_options = f"--logpath={full_log_dir}/{MONGODB_LOG_FILENAME}" if snap_install else ""
+    logging_options = _get_logging_options(snap_install)
     cmd = [
         # bind to localhost and external interfaces
         "--bind_ip_all",
@@ -145,9 +152,8 @@ def get_mongod_args(
         # for simplicity we run the mongod daemon on shards, configsvrs, and replicas on the same
         # port
         f"--port={Config.MONGODB_PORT}",
-        "--auditDestination=file",
+        "--auditDestination=syslog",  # TODO sending logs to syslog until we have a separate mount point for logs
         f"--auditFormat={Config.AuditLog.FORMAT}",
-        f"--auditPath={full_data_dir}/{Config.AuditLog.FILE_NAME}",
         logging_options,
     ]
     if auth:

src/config.py

@@ -16,7 +16,7 @@ class Config:
     MONGODB_SNAP_DATA_DIR = "/var/snap/charmed-mongodb/current"
     MONGOD_CONF_DIR = f"{MONGODB_SNAP_DATA_DIR}/etc/mongod"
     MONGOD_CONF_FILE_PATH = f"{MONGOD_CONF_DIR}/mongod.conf"
-    SNAP_PACKAGES = [("charmed-mongodb", "6/edge", 87)]
+    SNAP_PACKAGES = [("charmed-mongodb", "6/edge", 93)]
 
     # Keep these alphabetically sorted
     class Actions:
@@ -29,7 +29,7 @@ class AuditLog:
         """Audit log related configuration."""
 
         FORMAT = "JSON"
-        FILE_NAME = "audit.json"
+        FILE_NAME = "audit.log"
 
     class Backup:
         """Backup related config for MongoDB Charm."""

tests/integration/test_charm.py

@@ -322,7 +322,7 @@ def juju_reports_one_primary(unit_messages):
 async def test_audit_log(ops_test: OpsTest) -> None:
     """Test that audit log was created and contains actual audit data."""
     leader_unit = await find_unit(ops_test, leader=True)
-    audit_log_snap_path = "/var/snap/charmed-mongodb/common/var/lib/mongodb/audit.json"
+    audit_log_snap_path = "/var/snap/charmed-mongodb/common/var/log/mongodb/audit.log"
     audit_log = check_output(
         f"JUJU_MODEL={ops_test.model_full_name} juju ssh {leader_unit.name} 'sudo cat {audit_log_snap_path}'",
         stderr=subprocess.PIPE,